LILiK
/
openwrt-packages-dist
5
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
25392 Commits
1 Branch
46 MiB
Tree: 2a86c465bc
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '2a86c465bc'
${ noResults }
openwrt-packages-dist/kernel/ksmbd/patches/010-no-acl.patch

189 lines
5.4 KiB
Raw Normal View History

ksmbd: update to 3.4.1 Add AUTORELEASE as 19.07 compatibility is not needed. Add dependency hacks and add comments. Add upstream patch to get rid of FS_POSIX_ACL requirement. Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 years ago
 
  1. From f408c6c45013c80d62ed4b793ee79d76e4b582e0 Mon Sep 17 00:00:00 2001
  2. From: Namjae Jeon <namjae.jeon@samsung.com>
  3. Date: Wed, 11 Aug 2021 15:21:04 +0900
  4. Subject: [PATCH] ksmbd: remove select FS_POSIX_ACL in Kconfig
  5. 

  6. ksmbd is forcing to turn on FS_POSIX_ACL in Kconfig to use vfs acl
  7. functions(posix_acl_alloc, get_acl, set_posix_acl). OpenWRT and other
  8. platform doesn't use acl and this config is disable by default in
  9. kernel. This patch use IS_ENABLED() to know acl config is enable and use
  10. acl function if it is enable.
  11. 

  12. Signed-off-by: Namjae Jeon <namjae.jeon@samsung.com>
  13. ---

  14.  Kconfig   |  1 -
  15.  smb2pdu.c |  8 +++---
  16.  smbacl.c  | 80 ++++++++++++++++++++++++++++++++-----------------------
  17.  vfs.c     |  9 +++++++
  18.  4 files changed, 60 insertions(+), 38 deletions(-)
  19. 

  20. --- a/Kconfig

  21. +++ b/Kconfig

  22. @@ -19,7 +19,6 @@ config SMB_SERVER

  23.  	select CRYPTO_GCM
  24.  	select ASN1
  25.  	select OID_REGISTRY
  26. -	select FS_POSIX_ACL

  27.  	default n
  28.  	help
  29.  	  Choose Y here if you want to allow SMB3 compliant clients
  30. --- a/smb2pdu.c

  31. +++ b/smb2pdu.c

  32. @@ -2387,9 +2387,11 @@ static void ksmbd_acls_fattr(struct smb_

  33.  	fattr->cf_mode = inode->i_mode;
  34.  	fattr->cf_dacls = NULL;
  35.  
  36. -	fattr->cf_acls = get_acl(inode, ACL_TYPE_ACCESS);

  37. -	if (S_ISDIR(inode->i_mode))

  38. -		fattr->cf_dacls = get_acl(inode, ACL_TYPE_DEFAULT);

  39. +	if (IS_ENABLED(CONFIG_FS_POSIX_ACL)) {

  40. +		fattr->cf_acls = get_acl(inode, ACL_TYPE_ACCESS);

  41. +		if (S_ISDIR(inode->i_mode))

  42. +			fattr->cf_dacls = get_acl(inode, ACL_TYPE_DEFAULT);

  43. +	}

  44.  }
  45.  
  46.  /**
  47. --- a/smbacl.c

  48. +++ b/smbacl.c

  49. @@ -533,22 +533,29 @@ static void parse_dacl(struct user_names

  50.  
  51.  	if (acl_state.users->n || acl_state.groups->n) {
  52.  		acl_state.mask.allow = 0x07;
  53. -		fattr->cf_acls = posix_acl_alloc(acl_state.users->n +

  54. -			acl_state.groups->n + 4, GFP_KERNEL);

  55. -		if (fattr->cf_acls) {

  56. -			cf_pace = fattr->cf_acls->a_entries;

  57. -			posix_state_to_acl(&acl_state, cf_pace);

  58. +

  59. +		if (IS_ENABLED(CONFIG_FS_POSIX_ACL)) {

  60. +			fattr->cf_acls =

  61. +				posix_acl_alloc(acl_state.users->n +

  62. +					acl_state.groups->n + 4, GFP_KERNEL);

  63. +			if (fattr->cf_acls) {

  64. +				cf_pace = fattr->cf_acls->a_entries;

  65. +				posix_state_to_acl(&acl_state, cf_pace);

  66. +			}

  67.  		}
  68.  	}
  69.  
  70.  	if (default_acl_state.users->n || default_acl_state.groups->n) {
  71.  		default_acl_state.mask.allow = 0x07;
  72. -		fattr->cf_dacls =

  73. -			posix_acl_alloc(default_acl_state.users->n +

  74. -			default_acl_state.groups->n + 4, GFP_KERNEL);

  75. -		if (fattr->cf_dacls) {

  76. -			cf_pdace = fattr->cf_dacls->a_entries;

  77. -			posix_state_to_acl(&default_acl_state, cf_pdace);

  78. +

  79. +		if (IS_ENABLED(CONFIG_FS_POSIX_ACL)) {

  80. +			fattr->cf_dacls =

  81. +				posix_acl_alloc(default_acl_state.users->n +

  82. +				default_acl_state.groups->n + 4, GFP_KERNEL);

  83. +			if (fattr->cf_dacls) {

  84. +				cf_pdace = fattr->cf_dacls->a_entries;

  85. +				posix_state_to_acl(&default_acl_state, cf_pdace);

  86. +			}

  87.  		}
  88.  	}
  89.  	free_acl_state(&acl_state);
  90. @@ -1221,31 +1228,36 @@ int smb_check_perm_dacl(struct ksmbd_con

  91.  			granted = GENERIC_ALL_FLAGS;
  92.  	}
  93.  
  94. -	posix_acls = get_acl(d_inode(path->dentry), ACL_TYPE_ACCESS);

  95. -	if (posix_acls && !found) {

  96. -		unsigned int id = -1;

  97. -

  98. -		pa_entry = posix_acls->a_entries;

  99. -		for (i = 0; i < posix_acls->a_count; i++, pa_entry++) {

  100. -			if (pa_entry->e_tag == ACL_USER)

  101. -				id = from_kuid(user_ns,

  102. -					       pa_entry->e_uid);

  103. -			else if (pa_entry->e_tag == ACL_GROUP)

  104. -				id = from_kgid(user_ns,

  105. -					       pa_entry->e_gid);

  106. -			else

  107. -				continue;

  108. -

  109. -			if (id == uid) {

  110. -				mode_to_access_flags(pa_entry->e_perm, 0777, &access_bits);

  111. -				if (!access_bits)

  112. -					access_bits = SET_MINIMUM_RIGHTS;

  113. -				goto check_access_bits;

  114. +	if (IS_ENABLED(CONFIG_FS_POSIX_ACL)) {

  115. +		posix_acls = get_acl(d_inode(path->dentry), ACL_TYPE_ACCESS);

  116. +		if (posix_acls && !found) {

  117. +			unsigned int id = -1;

  118. +

  119. +			pa_entry = posix_acls->a_entries;

  120. +			for (i = 0; i < posix_acls->a_count; i++, pa_entry++) {

  121. +				if (pa_entry->e_tag == ACL_USER)

  122. +					id = from_kuid(user_ns,

  123. +						       pa_entry->e_uid);

  124. +				else if (pa_entry->e_tag == ACL_GROUP)

  125. +					id = from_kgid(user_ns,

  126. +						       pa_entry->e_gid);

  127. +				else

  128. +					continue;

  129. +

  130. +				if (id == uid) {

  131. +					mode_to_access_flags(pa_entry->e_perm,

  132. +							     0777,

  133. +							     &access_bits);

  134. +					if (!access_bits)

  135. +						access_bits =

  136. +							SET_MINIMUM_RIGHTS;

  137. +					goto check_access_bits;

  138. +				}

  139.  			}
  140.  		}
  141. +		if (posix_acls)

  142. +			posix_acl_release(posix_acls);

  143.  	}
  144. -	if (posix_acls)

  145. -		posix_acl_release(posix_acls);

  146.  
  147.  	if (!found) {
  148.  		if (others_ace) {
  149. @@ -1308,7 +1320,7 @@ int set_info_sec(struct ksmbd_conn *conn

  150.  
  151.  	ksmbd_vfs_remove_acl_xattrs(user_ns, path->dentry);
  152.  	/* Update posix acls */
  153. -	if (fattr.cf_dacls) {

  154. +	if (IS_ENABLED(CONFIG_FS_POSIX_ACL) && fattr.cf_dacls) {

  155.  #if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0)
  156.  		rc = set_posix_acl(user_ns, inode,
  157.  				   ACL_TYPE_ACCESS,
  158. --- a/vfs.c

  159. +++ b/vfs.c

  160. @@ -1508,6 +1508,9 @@ static struct xattr_smb_acl *ksmbd_vfs_m

  161.  	struct xattr_acl_entry *xa_entry;
  162.  	int i;
  163.  
  164. +	if (!IS_ENABLED(CONFIG_FS_POSIX_ACL))

  165. +		return NULL;

  166. +

  167.  	posix_acls = get_acl(inode, acl_type);
  168.  	if (!posix_acls)
  169.  		return NULL;
  170. @@ -2322,6 +2325,9 @@ int ksmbd_vfs_set_init_posix_acl(struct

  171.  	struct posix_acl *acls;
  172.  	int rc;
  173.  
  174. +	if (!IS_ENABLED(CONFIG_FS_POSIX_ACL))

  175. +		return -EOPNOTSUPP;

  176. +

  177.  	ksmbd_debug(SMB, "Set posix acls\n");
  178.  	rc = init_acl_state(&acl_state, 1);
  179.  	if (rc)
  180. @@ -2377,6 +2383,9 @@ int ksmbd_vfs_inherit_posix_acl(struct u

  181.  	struct posix_acl_entry *pace;
  182.  	int rc, i;
  183.  
  184. +	if (!IS_ENABLED(CONFIG_FS_POSIX_ACL))

  185. +		return -EOPNOTSUPP;

  186. +

  187.  	acls = get_acl(parent_inode, ACL_TYPE_DEFAULT);
  188.  	if (!acls)
  189.  		return -ENOENT;